Red Hat Training

A Red Hat training course is available for Red Hat OpenStack Platform

Chapter 6. Configure iptables and Pacemaker

Configure the firewall and Pacemaker to isolate the database cluster.

Procedure

Insert an iptables rule on each controller node to drop inbound connections over the the virtual IP address to the database port.

[root@overcloud-controller-0]# iptables -I INPUT -d 192.168.1.10 -p tcp --dport 3306 -j DROP
[root@overcloud-controller-1]# iptables -I INPUT -d 192.168.1.10 -p tcp --dport 3306 -j DROP
[root@overcloud-controller-2]# iptables -I INPUT -d 192.168.1.10 -p tcp --dport 3306 -j DROP

From one of the controller nodes, remove the mariadb-galera service from Pacemaker management.
```
[root@overcloud-controller-0]# pcs resource unmanage galera
```

Select Your Language

Language:

Language:

Red Hat Training

Chapter 6. Configure iptables and Pacemaker

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Language:

Language and Page Formatting Options

Language:

Red Hat Training

Chapter 6. Configure iptables and Pacemaker

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links